In last decades there have been many proposals from the machine learning community in the intrusion detection field. One of the main problems that Intrusion Detection Systems (IDSs) - mainly anomaly-based ones - have to face are those attacks not previously seen (zero-day attacks). This paper proposes a mutation technique to test and evaluate the performance of several classifier ensembles incorporated to network-based IDSs when tackling the task of recognizing such attacks. The technique applies mutant operators that randomly modifies the features of the captured packets to generate situations that otherwise could not be provided to learning IDSs. As an example application for the proposed testing model, it has been specially applied to the identification of network scans and related mutations. © 2011 Springer-Verlag.
CITATION STYLE
González, S., Sedano, J., Herrero, Á., Baruque, B., & Corchado, E. (2011). Testing ensembles for intrusion detection: On the identification of mutated network scans. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6694 LNCS, pp. 109–117). https://doi.org/10.1007/978-3-642-21323-6_14
Mendeley helps you to discover research relevant for your work.